What algorithm does Windows use to decide which DNS Server it will query in order to resolve names?

Let's say I have several interfaces, all active, some with no dns server specified, some told to determine it automatically, and some with it specified manually (in interface ipv4 AND interface ipv6).

I'm asking for an answer to this general question hoping that I know how to solve a more specific problem in Windows Vista - I have two interfaces, one a lower metric and a DNS server specified manually. nslookup uses THIS DNS server and resolves the names correctly. However, all other applications fail to resolve the name unless I manually specify a DNS server for the other interface, which the applications then use. nslookup also uses the DNS server specified for this other interface once it is specified.

6 Answers
6

If I'm not mistaken, it's determined by the NIC binding order in the Advanced Settings in the network connections folder. You can verify it by changing the binding order of the various NIC's and running nslookup as a test.

The DNS Client service queries the DNS servers in the following order:

The DNS Client service sends the name query to the first DNS server on the preferred adapter’s list of DNS servers and waits one second for a response.

If the DNS Client service does not receive a response from the first DNS server within one second, it sends the name query to the first DNS servers on all adapters that are still under consideration and waits two seconds for a response.

If the DNS Client service does not receive a response from any DNS server within two seconds, the DNS Client service sends the query to all DNS servers on all adapters that are still under consideration and waits another two seconds for a response.

If the DNS Client service still does not receive a response from any DNS server, it sends the name query to all DNS servers on all adapters that are still under consideration and waits four seconds for a response.

If it the DNS Client service does not receive a response from any DNS server, the DNS client sends the query to all DNS servers on all adapters that are still under consideration and waits eight seconds for a response.

The preferred adapter in step 1 being the adapter that's listed first in the binding order.

This page describes the algorithm used by Windows to perform DNS queries. It's not in depth enough to give you all the answers you're looking for, but some time w/ a sniffer and this article ought to be all you need to determine what's happening in your specific situation.

As this might help you or others, you can disable the windows round-robin usage of the listed dns to make the dns usage more predictable. Try setting the RoundRobin=0 in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters (reference) to disable the dns round-robing.

There is also a "timeout" for rotating the servers, you can also try to setting it to zero:

According to the mentioned "reference" (link) this applies to configure DNS server in providing multiple IP addresses for some queried FQDN in sorting order rotated from query to query. This has nothing to do with the question on how a DNS resolver (client) is choosing DNS server to be queried.
– cepharumJun 17 '16 at 13:53

It doesn't decide randomly. You're connected to a router which gets it IP from a company which has DNS servers. They get your request unless you alter the IP manually to another DNS, for instance: OpenDns. Or perhaps you decide on having your own DNS servers. That works too. Just enter the IP adresses in the network center and all should be well. And yes, you'll have to set those manually.

You can also adjust a file in C:\Windows\System32 called "hosts" with no extension. It allows you to have URL-requests redirected instead of being sent to the standard DNS. To a local server(which must be running and listening to port 80)

@WebDevHobo - There's really too much to correct in a comment, but I'll touch on the big points. 1)The OP has a computer with multiple interfaces (most likely separate NICs), and each has a different DNS defined on it. In the context of the question, he is clearly running a few internal DNS servers or has a few preferred external DNS servers - the box is probably multi-homed. 2)You don't need to set an internal DNS server's address manually if you are using DHCP it in the DHCP server's configuration for that address pool. 3)The path to the hosts file is c:\windows\system32\drivers\etc
– MDMarraNov 13 '09 at 14:38

3

And the HOSTS file shouldn't be used in this situation, or practically ever unless you are doing local development and using HOST headers or something of the like and need a FQDN to resolve locally. And the server does not need to be running port 80 whether using the HOSTS file for name resolution or a DNS server. Simply append :port_number to the end of the URL. HOSTS doesn't care about the port, just as DNS doesn't - it is a way of translating a hostname to an IP address and nothing more.
– MDMarraNov 13 '09 at 14:40